Step on a WEP Crack, Break Your Network
tphazard (apparently) - 11:13am May 1, 2007 PST via email
Glenn Fleishman's article on WEP has sold me on WPA, but the AirPort
4.2 for Mac OS X 10.4.x on Apple's AirPort: Software compatibility
table is busted:
http://docs.info.apple.com/article.html?artnum=75422
Also, does the statement from the article "The original AirPort Card
(1999-2004) can be upgraded in Mac OS X 10.3 to WPA" imply that the
original AirPort Card cannot be upgraded in Mac OS X 10.4 (hence the
busted link)?
I tried a search for AirPort 4.2 and AirPort Utility 5.1 on Apple but
am not getting anywhere; Software Update is not giving me anything
and the AirPort Admin Utility that I do have has no update feature (I
take it that Apple dropped the "admin" in later revision, or am I
using the wrong utility?).
Anybody got any links so that I can upgrade to WPA?
Neil Laubenthal - May 3, 2007 2:24 pm (#12 Total: 31) - Posts: 1
Re: Step on a WEP Crack, Break Your Network
On May 3, 2007, at 13:32, John C. Welch wrote:
> On 5/2/07 17:54, "Neil Laubenthal" <neil  laubenthal.net> wrote:
>
>> If you're not running either WPA or WEP and depending on MAC
>> identification . . . that is pretty easily spoofed by anybody that
>> really wanted to. In addition; having an open network leaves your
>> online banking transactions, homedirectories, and what not open to
>> potential compromise.
>
> That's a bit alarmist. Does your bank not use SSL? If not, then why
> are you conducting online transactions. If it does, then WEP/WPA or lack
> thereof is not an issue.
>
> If you don't want people remotely accessing your computer, turn off
> file sharing unless you're actively using it.
If there's no door, there's no lock to pick.
I don't think it's alarmist at all. If the network is open . . . then
anyone can join and once joined the other machines on the network are
vulnerable even if bank transactions are secured by SSL. An open
wireless network is a non-secure network. Everything on it is subject
to compromise . . . and the hard part of getting access has been
taken care of already since it's open.
If the door is open and the only thing keeping somebody from stealing
your silver is the lock on the hutch . . . that's not nearly as
secure as having the front door locked as well.
However, as I said; depending on the location . . . and the user's
comfort level . . . leaving it open because the Wii needs to connect
may be an acceptable alternative. If the user lived on a farm for
instance . . . there isn't anybody close to accidentally snoop and
the likelihood of a deliberate snoop is probably reasonably low in
the case. In the suburbs . . . again the neighborhood traffic and
house separation might make it an acceptable risk.
John C. Welch (apparently) - May 3, 2007 9:58 pm (#13 Total: 31) - Posts: 772
Re: Step on a WEP Crack, Break Your Network
On 5/3/07 16:24, "Neil Laubenthal" <neil  laubenthal.net> wrote:
>>> If you're not running either WPA or WEP and depending on MAC
>>> identification . . . that is pretty easily spoofed by anybody that
>>> really wanted to. In addition; having an open network leaves your
>>> online banking transactions, homedirectories, and what not open to
>>> potential compromise.
>>
>> That's a bit alarmist. Does your bank not use SSL? If not, then why
>> are you conducting online transactions. If it does, then WEP/WPA or lack
>> thereof is not an issue.
>>
>> If you don't want people remotely accessing your computer, turn off
>> file sharing unless you're actively using it.
>
> If there's no door, there's no lock to pick.
> I don't think it's alarmist at all. If the network is open . . . then
> anyone can join and once joined the other machines on the network are
> vulnerable even if bank transactions are secured by SSL. An open
> wireless network is a non-secure network. Everything on it is subject
> to compromise . . . and the hard part of getting access has been
> taken care of already since it's open.
You don't have access just because you're on the wireless network. You
simply are now able to tell how many houses are in the neighborhood. If the
houses are properly secured, you're not getting in anytime soon.
>
> If the door is open and the only thing keeping somebody from stealing
> your silver is the lock on the hutch . . . that's not nearly as
> secure as having the front door locked as well.
Open Wireless Network != Computer easily compromised. There's a difference.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelch  bynkii.com
johnbaxterlists (apparently) - May 3, 2007 9:58 pm (#14 Total: 31) - Posts: 601
Re: Step on a WEP Crack, Break Your Network
On May 3, 2007, at 10:32 AM, John C. Welch wrote:
> That's a bit alarmist. Does your bank not use SSL? If not, then why
> are you conducting online transactions. If it does, then WEP/WPA or lack
> thereof is not an issue.
>
> If you don't want people remotely accessing your computer, turn off
> file sharing unless you're actively using it.
>
> If there's no door, there's no lock to pick.
There is at least a transom to peek through (remember those? are they
still supported?), since the bad guy can at least find out what bank
you're dealing with via the IP address.
--John
Lewis Butler (apparently) - May 4, 2007 11:59 am (#15 Total: 31) - Posts: 989
Re: Step on a WEP Crack, Break Your Network
> If there's no door, there's no lock to pick.
> I don't think it's alarmist at all. If the network is open . . . then
> anyone can join and once joined the other machines on the network are
> vulnerable even if bank transactions are secured by SSL.
No, that is certainly not true. Not even close to being true.
> An open wireless network is a non-secure network. Everything on it
> is subject to compromise
Again, not true.
> and the hard part of getting access has been taken care of already
> since it's open.
But there is no "hard" part of getting access to the wireless
network. Even WPA2 is hackable, it just takes longer than WPA or WEP.
> If the door is open and the only thing keeping somebody from stealing
> your silver is the lock on the hutch . . . that's not nearly as
> secure as having the front door locked as well.
If the door is open and the only thing protecting the silver is a
state-of-the-art electronic security system, 14 cm of hardened steel,
and a 1000 digit combination lock, does locking the front door make
any difference at all? No, it's a trivial obstacle compared to the
SSL encryption inside.
John C. Welch (apparently) - May 5, 2007 3:14 pm (#16 Total: 31) - Posts: 772
Re: Step on a WEP Crack, Break Your Network
On 5/4/07 13:59, "Google Kreme" <gkreme  gmail.com> wrote:
>> and the hard part of getting access has been taken care of already
>> since it's open.
>
> But there is no "hard" part of getting access to the wireless
> network. Even WPA2 is hackable, it just takes longer than WPA or WEP.
Yep. Brute force and the lame passwords most use are your friends.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelch  bynkii.com
Neil Laubenthal - May 7, 2007 5:31 am (#17 Total: 31) - Posts: 1
Re: Step on a WEP Crack, Break Your Network
On May 5, 2007, at 18:14, John C. Welch wrote:
> On 5/4/07 13:59, "Google Kreme" <gkreme  gmail.com> wrote:
>
>>> and the hard part of getting access has been taken care of already
>>> since it's open.
>>
>> But there is no "hard" part of getting access to the wireless
>> network. Even WPA2 is hackable, it just takes longer than WPA or
>> WEP.
>
> Yep. Brute force and the lame passwords most use are your friends.
WPA2 with a long string, random password and a short expiration time
is pretty secure. Sure . . . given enough brute force you can crack
even that . . . but that's not something that a bandwidth thief is
going to bother with . . . he will search for an easier target. Even
a dedicated ID thief will likely look for easier pickings.
Still . . . we're talking defense in depth here . . . the only way to
have a really secure network is to not use wireless . . . but even
then your firewall is subject to attack and potential compromise.
I realize that network access is not the same as computer
access . . . but by not having an open network you force the attacker
to first break into the network and then break into the machines on
the network. Make it twice as hard to get in (network and then
computer) and the bad guys are much more likely to move on to a less
hardened target.
On top of that . . . I generally turn off SSID broadcast and use MAC
filtering as well . . . just to throw more roadblocks into a
potential thief's path. I also use non attributable names for
workstations, network names, and user names (ie. don't use neil,
neil's computer, and laubethal wireless network . . . use something
like squirrelly, walnut and peekaboo instead); not to mention secure
non-dictionary passwords using all 4 of the basic food groups (upper,
lower, number, special characters).
All of this just makes you a less and less inviting target . . .
which means the guy down the block gets hacked instead of you. Heck,
my neighbor has a completely open network and has sharing turned on
for his windows machines.
Chris Page (apparently) - May 7, 2007 5:31 am (#18 Total: 31) - Posts: 62
Re: Step on a WEP Crack, Break Your Network
On May 3, 2007, at 10:32 AM, Google Kreme wrote:
> On 2-May-2007, at 16:54, Chris Page wrote:
>> Anything you do that doesn't involve strong encryption and passwords
>> is going to be circumventable by someone who is determined either to
>> use your network or to spy on your data. In this arena, WEP is much
>> better than nothing,
>
> Oh, I disagree. WEP implies there is something worth 'protecting'
> and makes you much more likely to be targeted by the 12yo down the
> street.
There seems to be a lot of superficial "disagreeing" on this thread,
but everybody is right, they're just not talking about exactly the
same things.
In our case, you're simply pointing out that putting a strong lock on
your front door is equivalent to advertising "this house has stuff
worth stealing". I don't disagree with that at all, but it doesn't
really mean that you should not put a lock on your front door.
--
Chris Page - Software Wrangler
John C. Welch (apparently) - May 7, 2007 3:47 pm (#19 Total: 31) - Posts: 772
Re: Step on a WEP Crack, Break Your Network
On 5/7/07 07:31, "Neil Laubenthal" <neil  laubenthal.net> wrote:
> I realize that network access is not the same as computer
> access . . . but by not having an open network you force the attacker
> to first break into the network and then break into the machines on
> the network. Make it twice as hard to get in (network and then
> computer) and the bad guys are much more likely to move on to a less
> hardened target.
Network access is not going to give you any improvement or lack of
improvement in the security of the computers. I've worked in places with
great network security, firewalls, etc, and places that had almost no
firewalls. Neither state had any great effect on the security of the
computers on the network.
Again, if you close off all the sharing services and externally accessible
ports, the only attack vectors available are OS holes and human engineering.
Those are also available on firewalls, etc.
> I also use non attributable names for
> workstations, network names, and user names (ie. don't use neil,
> neil's computer, and laubethal wireless network . . . use something
> like squirrelly, walnut and peekaboo instead);
That only works on small networks. When you get into names like blue, steel,
bluesteel, steelblue, fuscia, pink, purple, etc., you start realizing that
you're making it real hard for YOU to figure out which of 80+ servers does
what.
> not to mention secure
> non-dictionary passwords using all 4 of the basic food groups (upper,
> lower, number, special characters).
Good passwords/good access control are going to do as much, if not more for
you than WPA on your home network.
>
> All of this just makes you a less and less inviting target . . .
> which means the guy down the block gets hacked instead of you. Heck,
> my neighbor has a completely open network and has sharing turned on
> for his windows machines.
Your neighbor's an idiot then, but that's nothing to do with the fact that
network access security != computer security.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelch  bynkii.com
Neil Laubenthal - May 8, 2007 7:14 am (#20 Total: 31) - Posts: 1
Re: Step on a WEP Crack, Break Your Network
[It's time to wind this thread down, since we're basically just splitting hairs about what different terms mean at this point. -Adam]
On May 7, 2007, at 18:47, John C. Welch wrote:
> Network access is not going to give you any improvement or lack of
> improvement in the security of the computers. I've worked in places with
> great network security, firewalls, etc, and places that had almost no
> firewalls. Neither state had any great effect on the security of the
> computers on the network.
Sorry . . . but you're wrong. I have not equated network access to
computer security; despite repeated claims to the contrary. I also
did not say that having a secure network means you have secure
computers.
Let me explain. Take two computers secured as you suggest . . .
firewalls on, unnecessary services turned off, etc. Now place one of
these two computers on an open wireless network and the other on a
closed WPA2 network with a 60 character random password and a 5
minute key.
Now let's plant your basic hacker outside . . . and assume that he
has found a flaw in Tiger (and we know there are flaws in it) that
would allow him to compromise one of these machines if he can get to it.
For the machine on the open network . . . he's there. Network access
was freely granted by the open network so he is free to directly
prosecute his attack against the computer.
For the machine on the closed network . . . he's outside the network,
and hence cannot attack the computer. WPA2 with a strong password is
not crackable by the bad guy in the car out front with a laptop . . .
he simply doesn't have enough cpu cycles to break the encryption.
So . . .assuming he knows of a flaw . . . or even if he's trying to
penetrate the computer without knowing a flaw . . . the fact that an
open network allows him to directly attack the computer makes the
open network inherently less secure than the closed one.
It's defense in depth.
>
> That only works on small networks. When you get into names like blue, steel,
> bluesteel, steelblue, fuscia, pink, purple, etc., you start realizing that
> you're making it real hard for YOU to figure out which of 80+ servers does
> what.
Wrong . . . just wrong. I run 3 classified networks at the
office . . . with over 120 servers. None of them have easy to guess
names . . . they aren't named things like domaincontroller,
fileserver, and exchangeserver . . .they are named things like
stingray, smoke, and mirrors instead. Random names are no harder to
keep track of than non random names.
> Your neighbor's an idiot then, but that's nothing to do with the fact that
> network access security != computer security.
You keep saying that . . . and nobody is disagreeing with you.
However, I never said it . . . so please stop trying to say I did.
What I said was that the encrypted network makes the computers inside
more secure by forcing a potential bad guy to hack first the network
and then the computer. This is the reason that banks have locks on
their doors, alarms, and guards in addition to just the vault.
Having an open network is the equivalent of putting the vault door on
the outside of the bank.
Lewis Butler (apparently) - May 8, 2007 7:14 am (#21 Total: 31) - Posts: 989
Re: Step on a WEP Crack, Break Your Network
On 7-May-2007, at 16:47, John C. Welch wrote:
> On 5/7/07 07:31, "Neil Laubenthal" <neil  laubenthal.net> wrote:
>> All of this just makes you a less and less inviting target . . .
>> which means the guy down the block gets hacked instead of you. Heck,
>> my neighbor has a completely open network and has sharing turned on
>> for his windows machines.
>
> Your neighbor's an idiot then,
Well now, not necessarily. At least I don't think I'm an idiot and I
have a wifi network that is wide-open and I have sharing enabled on a
windows machine.
Of course, there's nothing on that windows machine that would be of
any use to anyone, and the only thing that is shared is the
"Completed Downloads" folder and the World of Warcraft
"Interface/Addons" folder.
> but that's nothing to do with the fact that network access
> security != computer security.
That's really the issue. People are thinking of securing their wifi
as providing extra security to their computers, and it really doesn't.
The only way into my Mac is ssh. And the only way into my mac via
ssh is to have the keychain (password won't do, it only allows login
via a key exchange). I trust ssh and the keys far more than any WEP/
WPA/WPA2 network security.
And, as I've said many times, I don't mind if someone hops on my wifi
on occasion. I see people do it sometimes (I am always impressed at
their antennas as I can barely get a signal on the front lawn) and
they're never around long. And I get far more intrusion attempts on
my servers with dedicated IPs than I do on my OS X machine.
John C. Welch (apparently) - May 8, 2007 3:41 pm (#22 Total: 31) - Posts: 772
Re: Step on a WEP Crack, Break Your Network
On 5/8/07 09:14, "Neil Laubenthal" <neil  laubenthal.net> wrote:
> Let me explain. Take two computers secured as you suggest . . .
> firewalls on, unnecessary services turned off, etc. Now place one of
> these two computers on an open wireless network and the other on a
> closed WPA2 network with a 60 character random password and a 5
> minute key.
Right. Because that describes a home network. 60 character random passwords
and five minute keys. Why not set up two factor auth, a hardened OpenBSD
RADIUS server, and Snort while you're at it.
> Now let's plant your basic hacker outside . . . and assume that he
> has found a flaw in Tiger (and we know there are flaws in it) that
> would allow him to compromise one of these machines if he can get to it.
>
> For the machine on the open network . . . he's there. Network access
> was freely granted by the open network so he is free to directly
> prosecute his attack against the computer.
>
> For the machine on the closed network . . . he's outside the network,
> and hence cannot attack the computer. WPA2 with a strong password is
> not crackable by the bad guy in the car out front with a laptop . . .
> he simply doesn't have enough cpu cycles to break the encryption.
I'm using PGP to encrypt all information inside my home directory which is
encrypted by filevault, and all passwords other than the login password,
which is not the password to anything but that account, which is not an
administrator account is on a separate encrypted USB key. Have a party, you
get nothing. I also pay attention to what's on my system, via tripwire et
al. Oh noes, the haxzor. <looks out window>. "Hello, FBI? Yes, I have
someone attempting to hack into my system. They're in a <car> outside my
home at <address>."
Just because you're on the computer doesn't mean it's doing you any good.
>
>>
>> That only works on small networks. When you get into names like blue, steel,
>> bluesteel, steelblue, fuscia, pink, purple, etc., you start realizing that
>> you're making it real hard for YOU to figure out which of 80+ servers does
>> what.
>
> Wrong . . . just wrong. I run 3 classified networks at the
> office . . . with over 120 servers. None of them have easy to guess
> names . . . they aren't named things like domaincontroller,
> fileserver, and exchangeserver . . .they are named things like
> stingray, smoke, and mirrors instead. Random names are no harder to
> keep track of than non random names.
Nonsense. I have a server named Steel. You're new. What's Steel's likely
purpose?
I have a server named VMware01. You're new. What's VMware01's likely
purpose.
>
>> Your neighbor's an idiot then, but that's nothing to do with the fact that
>> network access security != computer security.
>
> You keep saying that . . . and nobody is disagreeing with you.
> However, I never said it . . . so please stop trying to say I did.
> What I said was that the encrypted network makes the computers inside
> more secure by forcing a potential bad guy to hack first the network
> and then the computer.
No, it has NO effect on the security of the individual nodes inside. It has
a HUGE effect on the security of the network from the outside, but that's
all. Nortel had GREAT boundary security, but a Code Red/Nimda - infected
laptop took out their corporate network, because they made the mistake of
thinking that external network security made the computers inside more
secure. Even if we use your ridiculously stacked example, all the bad guy
has to do is steal a laptop. Because there's no way that anyone is
remembering your password, it's written down, or saved on a keychain, or
whatever. If I want your data bad enough, and I am willing to throw the
resources at it, you're losing. period.
> This is the reason that banks have locks on
> their doors, alarms, and guards in addition to just the vault.
> Having an open network is the equivalent of putting the vault door on
> the outside of the bank.
There's also a reason why the bank doesn't have the same doors on the front
of the building as on the vault. It's the same reason why they don't have
the same doors on the restrooms as on the vault. Everything is not exactly
the same.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelch  bynkii.com
kgani (apparently) - May 8, 2007 3:41 pm (#23 Total: 31) - Posts: 31
Re: Step on a WEP Crack, Break Your Network
Before we close the thread, could someone please explain why WPA2 is
so much better than WEP.
As far as I am aware, no one has ever cracked a WPA og WPA2-network,
but WEP only takes 30 seconds.
Can somebody explain, so our recommendations are based on facts, not
hearsay.
Kind regards,
Kim
Neil Laubenthal - May 9, 2007 11:30 am (#24 Total: 31) - Posts: 1
Re: Step on a WEP Crack, Break Your Network
[OK, this is the last post in this branch. -Adam]
On May 8, 2007, at 18:41, John C. Welch wrote:
> Right. Because that describes a home network. 60 character random passwords
> and five minute keys. Why not set up two factor auth, a hardened OpenBSD
> RADIUS server, and Snort while you're at it.
Get real . . . establishing a long random password takes mere
seconds . . . and I only had to type it in once for each laptop that
connects via wireless. The 5 minute is an increase from the 15 minute
standard in an Airport Extreme. RADIUS and snort are good . . .and in
fact snort is running on my laptop; but the basic encryption security
of the network is really what is being relied on. I run Little Snitch
as well to monitor outgoing traffic . . . but if you aren't running a
secure, encrypted network to begin with then you might as well leave
your BMW in the driveway unlocked. Sure, you didn't leave the
keys . . . but then nobody can hotwire a car, right? Me, I prefer to
lock it as well . . . particularly as it doesn't cost me anything.
> Nonsense. I have a server named Steel. You're new. What's Steel's likely
> purpose?
>
> I have a server named VMware01. You're new. What's VMware01's likely
> purpose.
Who cares . . . you know and that's all that counts. When I get a new
person onboard I have him learn server names. On the other hand . . .
suppose you named your mail server mail . . . that's no more obvious
to the new guy than mailserver.whatever or webmail.whatever or
exchange2003.whatever.
>
> No, it has NO effect on the security of the individual nodes inside. It has
> a HUGE effect on the security of the network from the outside, but that's
> all. Nortel had GREAT boundary security, but a Code Red/Nimda - infected
> laptop took out their corporate network, because they made the mistake of
> thinking that external network security made the computers inside more
> secure. Even if we use your ridiculously stacked example, all the bad guy
> has to do is steal a laptop. Because there's no way that anyone is
> remembering your password, it's written down, or saved on a keychain, or
> whatever. If I want your data bad enough, and I am willing to throw the
> resources at it, you're losing. period.
It's defense in depth . . . go back and review the basic concepts and
maybe it will come to you. No wireless network is really secure . . .
but by making yours (and your computers inside it) harder to crack
you decrease the likelihood that you will be hacked. You seem to
think that because your machines are supposedly secured that having
your network secured doesn't matter. You can think that . . . but
then my neighbor has a totally non-secured network as well . . . and
neither of those approaches is right.
I am not suggesting that having an encrypted network alone is
sufficient . . . you need to take precautions on your workstations as
well. However, if your network is open then you are more at risk than
if both your network and your machines are secured. If you can't
understand that . . . that isn't my fault. Go ahead . . . run an
open wireless network if you want. I prefer (and anybody that really
understands the problem . . . and I make no claim to fully
understanding the problem either, but I can recognize a good idea
when I see one) to have 2 doors with different locks. If you can't
see the logic and security provided by that . . . then I'm wasting my
keystrokes trying to convince you.
kevinv (apparently) - May 9, 2007 11:30 am (#25 Total: 31) - Posts: 1344
Re: Step on a WEP Crack, Break Your Network
--On May 8, 2007 3:41:40 PM -0700 Kim Gammelgård <kgani  mac.com> wrote:
> Before we close the thread, could someone please explain why WPA2 is
> so much better than WEP.
The wikipedia article on WPA/WPA2 is pretty good at this.
< http://en.wikipedia.org/wiki/WPA2>
I'd say the fundamental increase in security comes from changing the
encryption key every few minutes. WPA uses TKIP for this, WPA2 uses CCMP
based on AES (the NSA standard encryption algorithm).
Under WEP one encryption key was used for the entire session. The longer
the session runs, the more data the hacker has to figure out the decryption
key (this is why initial WEP breaks took several minutes, they needed to
wait for the proper amount of traffic. New breaks included ways of causing
the access point to generate traffic on its own, decreasing the amount of
time to get the required amount of data.)
With a changing key presumably there is never enough data to break a key,
and even if there were it would change shortly and the crack would have to
start over again.
Most home users run WPA/WPA2 in Pre-Shared Key (PSK) mode. That's just a
fancy way of saying all users use the same password to connect to the
router (it's possible to have each user have a unique password to access
the router.) If you use a weak password you will still be vulnerable to
password guessing or dictionary attacks (where a dictionary of words are
used to try to guess passwords -- bypassing the brute force method of
trying every possible combination.) WPA requires a minimum of an 8 letter
password, which is slightly more secure than the passwords most people
picked for WEP.
Bruce Schneier has an interesting article on choosing passwords to
purposefully defeat (or slow down) password guessing programs.
< http://www.schneier.com/blog/archives/2007/01/choosing_secure.html>
John C. Welch (apparently) - May 9, 2007 11:30 am (#26 Total: 31) - Posts: 772
Re: Step on a WEP Crack, Break Your Network
On 5/8/07 17:41, "Kim Gammelgård" <kgani  mac.com> wrote:
> Before we close the thread, could someone please explain why WPA2 is
> so much better than WEP.
This is not a bad one:
< http://www.wifiknight.com/wep-vs-wpa-a-brief-primer-article/>
The problem is, WEP was designed to keep a wireless network as secure as an
*unencrypted* Ethernet connection. In other words, the same amount of
inconvenience as having to find a free verbose switch port. It was never
really supposed to be all THAT good, and it achieved its initial design
goals well.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelch  bynkii.com
dr (apparently) - May 9, 2007 11:30 am (#27 Total: 31) - Posts: 467
Re: Step on a WEP Crack, Break Your Network
Kim Gammelgård wrote:
> Before we close the thread, could someone please explain why WPA2 is
> so much better than WEP.
There are two basic issues I know of. First is key complexity. WEP keys are fairly simple relative to WPA keys. Which means computers these days can take a key they see and just try a LOT of choices until they get a match. WEP is sort of like a combination lock with 10 digits on the dial and 3 numbers to open. There are only 1000 possible choices so a person who really wanted to open said lock could just try them all in a reasonable amount of time. WPA is like a combination lock with 100 digits on the dial and 5 numbers to open. That takes it to 10,000,000,000 possible choices which no one person can try on their own in a lifetime. Same concept, different details.
The second issue is the WEP standard had some implementation issues where you could not rely on pass phrases from different vendors generating the same key. Keys are really long binary strings usually expressed in hex. (a8f908...) To make life easier you are supposed to be able to enter a string like "mydogisblue99" and have that generate a key. With WPA all vendor equipment generates the same key based on the same pass phrase. With WEP that wasn't always true and led to lots of teeth grinding.
David
Lewis Butler (apparently) - May 9, 2007 11:32 am (#28 Total: 31) - Posts: 989
Re: Step on a WEP Crack, Break Your Network
On 8-May-2007, at 16:41, Kim Gammelgård wrote:
> Before we close the thread, could someone please explain why WPA2 is
> so much better than WEP.
It takes a bit longer to crack.
> As far as I am aware, no one has ever cracked a WPA og WPA2-network,
> but WEP only takes 30 seconds.
WPA is pretty trivial to crack:
This is 2 1/2 years old, the technology has gotten better and faster
since.
< http://www.wifinetnews.com/archives/004428.html>
< http://docs.lucidinteractive.ca/index.php/Cracking_WEP_and_WPA_Wireless_Networks>
Here's a streaming vid showing someone cracking WPA in a couple of
minutes.
< http://www.mirrors.wiretapped.net/security/vulnerability-assessment/aircrack/whax-aircrack-wpa/whax-aircrack-wpa.html>
strong passwords will only make this process take slightly longer.
As for WPA2, my understanding is that it is crack-able, but takes
more time than WPA.
And just to be clear, a 'dictionary' attack does not indicate that
the password is, as in the example, a standard word you might find in
your American Heritage. It just means that it is a word, phrase, or
string that is found in the dictionary text file used. Good
dictionary files will contain 50 million 'words' or more, including
such things as r00tp4ss and top50hat. And good software will even
take partial dictionary words and combine them in different ways.
Since WPA is weak enough to allow off-line processing, you can throw
as much processing power at it as you want. Even a decent machine
will not take long to crack just about any non-random password.
And if you're using random passwords, then your users have them
written down somewhere, unprotected and unencoded.

Nik (apparently) - May 10, 2007 12:09 pm (#29 Total: 31) | Posts: 377
Re: Step on a WEP Crack, Break Your Network
On May 9, 2007, at 12:32 PM, Google Kreme wrote:
> Since WPA is weak enough to allow off-line processing, you can throw
> as much processing power at it as you want. Even a decent machine
> will not take long to crack just about any non-random password.
>
> And if you're using random passwords, then your users have them
> written down somewhere, unprotected and unencoded.
Maybe, maybe not. As Bruce Schneier notes in his "Security Matters"
column on just this topic, even the best dictionary attack programs
can be thrown off by a non-random password that isn't machine
guessable. Even just taking the first letter of each word of a lengthy
sentence is sufficient to foil even the most powerful computer.
<http://www.wired.com/politics/security/commentary/securitymatters/2007/01/72458?currentPage=all>
(Note: I HIGHLY recommend this article for anyone interested in
picking stronger passwords.)
Someone could fairly easily remember a sentence like "I was married
to my wife, Sally, at the Brooklyn Elks Club banquet hall in New York
City on January 24, 2000". Taking the first character of each word
would get "IwmtmwSatBECbhiNYCoJ22", a seemingly random 22-character
password.
As for writing down the password, I don't see that as such a big
problem. If a hacker has gained access to my house or place of
business, he can just plug in an ethernet cable to get full access to
the network. (That's where locks on the door come into play.) You may
as well write your WPA password on the underside of your router.
--Nik

John C. Welch (apparently) - May 12, 2007 11:40 am (#30 Total: 31) | Posts: 772
Re: Step on a WEP Crack, Break Your Network
On 5/10/07 14:12, "Nik" <gerber  inik.net> wrote:
> As for writing down the password, I don't see that as such a big
> problem. If a hacker has gained access to my house or place of
> business, he can just plug in an ethernet cable to get full access to
> the network. (That's where locks on the door come into play.) You may
> as well write your WPA password on the underside of your router.
In the home, yes, writing things down is not a big deal. In the office,
there are a lot of people who can have access to your business who aren't
the actual attacker. Cleaning staff come to mind, and considering their
salaries, bribery is a rather cheap option if you're talking about the right
info.
--
John C. Welch Writer/Analyst
Bynkii.com Mac and other opinions
jwelch  bynkii.com

kevinv (apparently) - May 12, 2007 11:40 am (#31 Total: 31) | Posts: 1344
Re: Step on a WEP Crack, Break Your Network
--On May 10, 2007 12:12:02 PM -0700 Nik <gerber  inik.net> wrote:
> As for writing down the password, I don't see that as such a big
> problem. If a hacker has gained access to my house or place of
> business, he can just plug in an ethernet cable to get full access to
> the network. (That's where locks on the door come into play.) You may
> as well write your WPA password on the underside of your router.
Bruce Schneier also recommends writing down your passwords. Just don't keep
them with the device they're protecting, put them in your wallet and take
them with you. If you write down your passwords you can pick longer ones,
and because they're with you when you leave the security isn't that bad.
<http://www.schneier.com/blog/archives/2005/06/write_down_your.html>
My father even carries his bank PIN numbers in his wallet. But he converts
them to octal first.